CVE-2023-4900

MEDIUM

Google Chrome < 117.0.5938.62 - Permission Prompt Obfuscation via Custom Tabs

Title source: llm
STIX 2.1

Description

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium)

References (7)

Core 7

Scores

CVSS v3 4.3
EPSS 0.0027
EPSS Percentile 50.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

Status published
Products (6)
debian/debian_linux 11.0
debian/debian_linux 12.0
fedoraproject/fedora 37
fedoraproject/fedora 38
fedoraproject/fedora 39
google/chrome < 117.0.5938.62
Published Sep 12, 2023
Tracked Since Feb 18, 2026